[Security] Reminder :: Draft feedback on "C2C authentication using TLS"
js-xmpp-security at webkeks.org
Mon Aug 25 04:54:49 CDT 2008
Am 25.08.2008 um 11:48 schrieb Dirk Meyer:
> The other idea is to use disco#items .... while wanting to write down
> an example I noticed that this would be a very bad hack. We could also
> create our own query in the urn:xmpp:tmp:tlsauth namespace:
> <iq type='get'
> from='juliet at capulet.com/balcony'
> to='balconyscene at plays.shakespeare.lit'
> <query xmlns='urn:xmpp:tmp:tlsauth'/>
> <iq type='result'
> from='balconyscene at plays.shakespeare.lit'
> to='juliet at capulet.com/balcony'
> <query xmlns='urn:xmpp:tmp:tlsauth'>
> <x509 fingerprint='certificate-fingerprint'/>
> <openpgp fingerprint='openpgp-fingerprint'/>
We should have it in items IMO, so we can easily check and
We could just have entries there for every verification mechanism we
support. Like urn:xmpp:c2ctls, urn:xmpp:c2ctls:x509,
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 801 bytes
Desc: This is a digitally signed message part
Url : http://mail.jabber.org/pipermail/security/attachments/20080825/2a254122/attachment.pgp
More information about the Security